Every packet that arrives from them is sent to a chain by the firewall
which logs them and then drops them. The log records the port they were
blocked on. That's how I found the 7777. I had no idea what it was. I
picked them up first because they hit on 22. that got them put in the set.
Others in the set made a couple of attempts then disappeared. There is one
oyher persistent pest, a well known comment spammer that keeps coming back
and having a go for a while then disappearing, then just the usual rubbish
On Tue, 9 Apr 2019 at 22:27, Dom Latter <bitfolk-users@???> wrote:
>
>
> On 09/04/2019 10:59, Keith Williams wrote:
> >
> > On Tue, 9 Apr 2019 at 17:38, Dom Latter <bitfolk-users@???
> > <mailto:bitfolk-users@latter.org>> wrote:
> >
> > On 09/04/2019 04:44, Keith Williams wrote:
> > > for at least 24 hours now. They go for ports 22.23.53, 80, 443
> > and 7777.
> > > That last one is particularly nasty.
> >
> > They're (probably) looking for a backdoor opened up by Windows
> malware.
> >
> > Why would that concern you?
>
> > It does concern me for a number of reasons.
>
> I was particularly referencing 7777 (hence the quoted context). You've
> not got anything on that port, and even if you did, it wouldn't be
> compatible.
>
> I don't think I'd even notice an attempt to connect to 7777.
> Because a connection is not made...
>
> _______________________________________________
> users mailing list
> users@???
> https://lists.bitfolk.com/mailman/listinfo/users
>
